CAVE-based authentication

CAVE-based authentication is a security protocol used to verify access in CDMA2000 1X, a type of third-generation (3G) mobile network system. The term "CAVE" stands for Cellular Authentication and Voice Encryption, which is the algorithm used to perform the authentication process.^[1] This system helps to confirm that a user is authorized to connect to the mobile network.

It is also referred to as "HLR authentication" (Home Location Register authentication), "2G authentication," or "Access Authentication." In simpler terms, it ensures that the person trying to access the network is who they claim to be, protecting the network from unauthorized users.

Network entities

In CAVE-based authentication, two main components work together when a user is roaming on a mobile network:

Authentication Center (AC) (also known as HLR/AC or AuC): This is located in the user's home network and manages the authentication process. It either directly verifies the identity of the Mobile Station (MS, commonly known as a mobile phone) or shares a security key (called SSD) with the Visitor Location Register (VLR) in the network the user is visiting. The AC must have a specific security key (A-key) for each mobile device. Authentication depends on both the device and the AC having the same A-key. The AC is usually part of the Home Location Register (HLR) but can also exist as a separate system that serves multiple HLRs. Although "AuC" is the abbreviation used in GSM networks, it is sometimes incorrectly applied to CDMA networks as well.
Visitor Location Register (VLR): This is the network component in the visited network (the one the user is currently connected to while roaming). If the SSD key is shared with this network, the VLR can authenticate the user locally. If not, it acts as a middleman, passing authentication requests to the user's home AC for verification.

This system ensures that users can be securely authenticated even when they are using networks outside their home area.

Keys

In mobile network authentication, the authentication controller is responsible for determining whether the response from the Mobile Station (MS, or mobile phone) is correct. Depending on the situation, this controller can either be the Authentication Center (AC) in the user's home network or the Visitor Location Register (VLR) in the network the user is currently roaming in. This process uses two shared keys in CAVE-based authentication, which relies on the CAVE (Cellular Authentication and Voice Encryption) algorithm:

Authentication key (A-key): This is a 64-bit secret key that is only known to the MS and the AC. If the mobile phone uses a RUIM card (similar to a SIM card), the A-key is stored on the RUIM; otherwise, it is stored in the device's memory. The A-key is never shared with other networks. However, it is used to create another key called Shared Secret Data (SSD), which can be shared with a roaming network to allow local authentication.
Shared Secret Data (SSD): This is a 128-bit key created using the CAVE algorithm during a procedure known as an SSD update.^[2] Both the MS and the AC in the user’s home network independently calculate this SSD. The SSD, not the A-key, is used during the actual authentication process. SSD may or may not be shared between the user’s home network and a roaming network. If it is shared, it allows the roaming network to authenticate the user locally. The SSD is divided into two parts:
- SSD_A: Used for generating authentication signatures.
- SSD_B: Used to create session keys for encryption and voice privacy.

This process allows users to be securely authenticated without revealing the most sensitive key (A-key) to other networks.

Authentication challenges

CAVE-based authentication uses two types of challenges to verify the identity of a mobile phone (MS):

Global challenge: This is a process where every mobile device trying to access the network must respond to a common challenge. This challenge is broadcast to all devices in the area through the network's overhead messages. To respond, the mobile phone creates an authentication signature response (called AUTHR) using the CAVE algorithm. It combines the challenge value, the phone’s electronic serial number (ESN), and either the last six digits dialed (if the user is making a call) or a part of the subscriber’s unique identification number (IMSI_S1). It also uses part of the shared secret data (SSD_A) to generate this response.
Unique challenge: This process allows the network (either the home network or a roaming network if SSD is shared) to specifically challenge a particular mobile phone. This might happen for security reasons or to verify the device’s identity. The phone generates a different authentication signature response (called AUTHU), using the CAVE algorithm with inputs from the unique challenge value, ESN, IMSI_S1, and SSD_A.

CAVE-based authentication is a one-way process, meaning the network always authenticates the mobile phone, but the phone does not authenticate the network. The only exception is during an SSD update, where the phone may challenge the base station.

Specification

CAVE-based authentication procedures are outlined in the TIA-41 standard, which is part of the specifications created by 3GPP2 (3rd Generation Partnership Project 2). These procedures explain how mobile phones and networks verify each other in CDMA-based systems, ensuring secure communication. TIA-41, also known as X.S0004, provides detailed guidelines for how this verification, or authentication, is performed using the CAVE algorithm.

References

^ Zhang, Chi; Liu, Jun-Rong; Gu, Da-Wu; Wang, Wei-Jia; Lu, Xiang-Jun; Guo, Zheng; Lu, Hai-Ning (1 September 2019). "Side-Channel Analysis for the Authentication Protocols of CDMA Cellular Networks". Journal of Computer Science and Technology. 34 (5): 1079–1095. doi:10.1007/s11390-019-1961-5. ISSN 1860-4749. Retrieved 18 June 2024.
^ Miceli, Andrew (2003). Wireless technician's handbook (PDF) (2. ed.). Boston, Mass.: Artech House. ISBN 978-1580533577. Retrieved 18 June 2024.

External links

TIA-41 - 3GPP2 X.S0004 (March 2004)

[1] Zhang, Chi; Liu, Jun-Rong; Gu, Da-Wu; Wang, Wei-Jia; Lu, Xiang-Jun; Guo, Zheng; Lu, Hai-Ning (1 September 2019). "Side-Channel Analysis for the Authentication Protocols of CDMA Cellular Networks". Journal of Computer Science and Technology. 34 (5): 1079–1095. doi:10.1007/s11390-019-1961-5. ISSN 1860-4749. Retrieved 18 June 2024.

[2] Miceli, Andrew (2003). Wireless technician's handbook (PDF) (2. ed.). Boston, Mass.: Artech House. ISBN 978-1580533577. Retrieved 18 June 2024.

[1]

v t e Authentication
Authentication APIs	BSD Authentication (BSD Auth) eAuthentication (eAuth) Generic Security Services API (GSSAPI) Java Authentication and Authorization Service (JAAS) Pluggable Authentication Modules (PAM) Simple Authentication and Security Layer (SASL) Security Support Provider Interface (SSPI) XCert Universal Database API (XUDA)
Authentication protocols	ACF2 Authentication and Key Agreement (AKA) CAVE-based authentication Challenge-Handshake Authentication Protocol (CHAP) MS-CHAP Central Authentication Service (CAS) CRAM-MD5 Diameter Extensible Authentication Protocol (EAP) Host Identity Protocol (HIP) IndieAuth Kerberos LAN Manager NT LAN Manager (NTLM) OAuth OpenID OpenID Connect (OIDC) Password-authenticated key agreement protocols Password Authentication Protocol (PAP) Protected Extensible Authentication Protocol (PEAP) Remote Access Dial In User Service (RADIUS) Resource Access Control Facility (RACF) Secure Remote Password protocol (SRP) TACACS Woo–Lam
Category Commons